Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-15729

Don't unnecessarily encode email headers in Base64

    XMLWordPrintable

    Details

      Description

      Currently, phpBB always encodes the following headers in Base64:

      To
      Subject
      From
      Reply-To

      It is appropriate to encode these in Base64 if they include characters that are not contained in the ASCII character set.  However, if these fields only contain ASCII characters they should not be Base64 encoded.  Encoding them as Base64 makes them non-human readable when looking at the raw email source.  It is also a common obfuscation tactic in spam, which is why Spamassassin tests for these with the FROM_EXCESS_BASE64 test (does not apply to the "To" and "Subject" fields).

      It should be fairly simple to have phpBB check for non-ASCII characters before encoding these headers in Base64.

        Attachments

          Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. PHPBB3-16826 Unnecessary Use of Base64 Encoding in Email Headers

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

            Activity

              People

              Assignee:
              Marc Marc
              Reporter:
              sorenstoutner sorenstoutner [X] (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: